You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-34341
About this tag
CVE-2026-34341 is a Windows Link-Layer Discovery Protocol elevation-of-privilege vulnerability disclosed by Microsoft in May 2026. Classified as Important, the flaw involves a double-free condition that a low-privileged local attacker can exploit by winning a race condition to gain SYSTEM privileges on affected Windows clients and servers. Microsoft's scoring indicates it is local, high-complexity, not publicly disclosed, and not known to be exploited at disclosure. The vulnerability highlights how a quiet Layer 2 networking component can be leveraged for full machine control, making it relevant for defenders prioritizing local privilege escalation risks in Windows environments.
Microsoft disclosed CVE-2026-34341 on May 12, 2026, as an Important Windows Link-Layer Discovery Protocol elevation-of-privilege flaw in which a low-privileged local attacker could exploit a double-free condition, win a race condition, and gain SYSTEM privileges on affected Windows clients and...